[GRLUG] No connectivity between two specific end-points

Adam Tauno Williams awilliam at whitemice.org
Tue Nov 13 09:15:48 EST 2012 

This end: LINUX box A and LINUX box B

Mystery is that "A" can ping the remote device, and perform HTTP  
connections, B cannot (no ping, no HTTP, etc...).  The remote device  
is a very boring HP4200 laser printer

Firewall on A & B:

cassowary:~ # iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Remote device 192.168.34.183 which lies on the other side of an MPLS  
'cloud' [so oblivious to whatever hi-jinks the proprietary numb skulls  
in the middle pull].


Traceroute from A [working]:
adam at cebolla:/home/adam> sudo /usr/sbin/traceroute 192.168.34.183
traceroute to 192.168.34.183 (192.168.34.183), 30 hops max, 40 byte  
packets using UDP
  1  router.example.com (192.168.1.6)  0.864 ms   0.538 ms   0.585 ms
  2  172.20.42.102 (172.20.42.102)  2.175 ms   1.980 ms   2.231 ms
  3  12.84.15.221 (12.84.15.221)  7.391 ms   7.292 ms   6.843 ms
  4  cr85.cgcil.ip.att.net (12.122.85.102)  20.248 ms   19.627 ms   19.046 ms
  5  cr1.cgcil.ip.att.net (12.122.99.33)  22.327 ms   21.691 ms   21.584 ms
  6  cr82.gdrmi.ip.att.net (12.122.152.6)  18.671 ms   18.115 ms   19.772 ms
  7  12.112.209.37 (12.112.209.37)  12.450 ms   12.352 ms   12.230 ms
  8  12.112.209.38 (12.112.209.38)  16.428 ms   17.401 ms   17.632 ms
  9  192.168.34.183 (192.168.34.183)  15.715 ms   15.978 ms   16.346 ms

Traceroute from B [not working]:
adam at cassowary:~ # sudo /usr/sbin/traceroute 192.168.34.183
traceroute to 192.168.34.183 (192.168.34.183), 30 hops max, 40 byte  
packets using UDP
  1  router.example.com(192.168.1.6)  0.621 ms   0.646 ms   0.695 ms
  2  172.20.42.102 (172.20.42.102)  2.290 ms   2.239 ms   2.404 ms
  3  12.84.15.221 (12.84.15.221)  7.355 ms   8.100 ms   7.851 ms
  4  cr85.cgcil.ip.att.net (12.122.85.102)  20.735 ms   20.269 ms   19.558 ms
  5  cr1.cgcil.ip.att.net (12.122.99.33)  22.579 ms   22.115 ms   20.127 ms
  6  cr82.gdrmi.ip.att.net (12.122.152.6)  18.181 ms   18.653 ms   18.080 ms
  7  12.112.209.37 (12.112.209.37)  13.358 ms   12.310 ms   12.216 ms
  8  12.112.209.38 (12.112.209.38)  16.149 ms   16.217 ms   16.486 ms
  9  * * *

Hmmmm.  Host B can reach and communicate with every other host on the  
remote subnet.  The remote router [12.112.209.38] is a Cisco 2800 that  
doesn't do any packet filtering [only QoS].

Guesses / thoughts as to what might be eating the packets for this  
very specific pair of end-points?

More information about the grlug mailing list